langgenius Dify
cpe:2.3:a:langgenius:dify:*:*:*:*:node.js:*:*
- 1.10.1
A stored cross-site scripting vulnerability has been identified in Dify, an open-source platform for developing applications with large language models. The issue affects versions prior to 1.11.2 and arises when Mermaid diagrams are rendered within chat conversations. The root cause is the default Mermaid configuration, which sets the security level to 'loose' and so allows potentially unsafe content to execute. As a result, an attacker can inject malicious scripts into a chat, compromising the session of anyone who views the message.
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the chat.
To reproduce this vulnerability, create a chatbot in the Dify application and include a payload that takes advantage of the loose security level in Mermaid diagrams. After sending the message, click on the generated element to observe the execution of the injected script.
Users can update to Dify version 1.11.2 or later, where this vulnerability has been fixed.
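Where a front end configures Mermaid itself, the setting described above can be checked before the config reaches mermaid.initialize(). The following is an added example, not code from Dify or from the 1.11.2 fix; the function names and the sample config objects are constructed for illustration, while the four securityLevel values are the ones Mermaid documents.

```javascript
// Added example: audit a Mermaid config object for the securityLevel setting.
// Function names and sample configs are constructed, not taken from Dify.

// Mermaid's documented securityLevel values and what each one permits.
const LEVELS = {
  strict:     { severity: 'ok',   note: 'HTML in text is encoded; click functionality disabled' },
  sandbox:    { severity: 'ok',   note: 'rendering takes place in a sandboxed iframe' },
  antiscript: { severity: 'warn', note: 'script elements removed, but HTML and click allowed' },
  loose:      { severity: 'high', note: 'HTML in text and click functionality allowed' },
};

function auditMermaidConfig(config) {
  const level = config ? config.securityLevel : undefined;
  if (level === undefined) {
    // Nothing set: behaviour depends on the library default, so ask for an explicit pin.
    return { severity: 'info', level: null, note: 'securityLevel unset; pin it explicitly' };
  }
  // Own-property lookup so values such as "constructor" or "Loose" never match.
  const key = String(level);
  if (!Object.prototype.hasOwnProperty.call(LEVELS, key)) {
    return { severity: 'high', level: key, note: 'unrecognised value; do not assume it is safe' };
  }
  return { severity: LEVELS[key].severity, level: key, note: LEVELS[key].note };
}

function hardenMermaidConfig(config) {
  // Copy so the caller's object is not mutated, then force the strictest inline mode.
  return { ...(config || {}), securityLevel: 'strict' };
}

// Constructed sample: the weak setting beside the corrected one.
const weakConfig = { startOnLoad: false, theme: 'default', securityLevel: 'loose' };
const fixedConfig = hardenMermaidConfig(weakConfig);

for (const [name, cfg] of Object.entries({ weakConfig, fixedConfig })) {
  const r = auditMermaidConfig(cfg);
  console.log(`${name}: ${r.severity} (${r.level}) - ${r.note}`);
}
```

Any result other than 'ok' is worth a build failure when the diagrams being rendered come from chat messages or other untrusted input.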